package com.myblog.config.security.authorize;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
import org.springframework.stereotype.Component;

/**
 * 关系系统管理相关的授权配置
 */
@Component
public class SystemAuthorizeConfigureProvider implements AuthorizeConfigureProvider {

    @Override
    public void configure(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        config.antMatchers("/user").hasAuthority("sys:user");
                //这种形式的要前面拼接ROLE_比如 ROLE_role
                //.antMatchers("/role").hasRole("role")
    }
}
